305 comments

[ 5.4 ms ] story [ 281 ms ] thread
It sucks because Chrome is so much better usability wise than all those others. I wish they would just fix whatever this keystone trash is, and leave that to stonehenge
I found out, surprised, that current Edge is basically a better Chrome - even compatible with all extensions, faster, and with lower battery consumption.

And, yes, Microsoft AutoUpdate, which however seems reasonable so far.

Edge is missing E2E encryption in the sync feature.
Yep - pretty critical missing bit of functionality unfortunately.
What does Chrome do better than Safari?
Runs on my computer.

(not a big fan of chrome though)

Well that's a great answer. ;)

It's kind of a shame that Apple killed off the Windows version of Safari. I often wonder if they would consider bringing it back.

For me - it works properly on spotty connections. I have fast, but unreliable internet that drops connection few times an hour and Safari and Firefox are almost unusable - when connection drops for just a few seconds they cannot open many websites for up to 5 minutes (reddit, google and youtube among many others; hacker news is one of the few that work all the time).

Chromium based browsers do not have that issue, I used to use Vivaldi but temporarily switched to Safari as I wait for ARM build of Vivaldi and I am constantly frustrated by that issue.

I have tried debugging it but got nowhere, it seems to be system wide issue as some 3rd party apps exhibit this behaviour too (for example live streaming through IINA or Skype) while others not (Electron based apps usually work fine). Recently switched to new M1 Macbook and it happens on it too.

I wonder if this is a DNS issue. Are the browsers that work ignoring the system DNS servers? Perhaps using DoH?
This was my first idea, I tried setting DNS to 8.8.8.8, tried 1.1.1.1, tried others, tried setting them in Network Setting, tried on router, tried sudo killall -HUP mDNSResponder. I can ping those faulty websites during Safari downtime without issue, but somehow the browser does not even try opening the website (Timeline Recording in Safari shows no Network Requests). It looks like macOS is caching something somewhere and when that cache expires it starts to work again. Emptying Safari caches does not help and I don't know if there is any way to purge all system networking caches.

Chromium based browsers certainly ignore something, it might be DNS related but I'm out of concrete ideas what exactly to change.

Supports web standards ? Extensions ? Developer tools ?

I'm using Safari as my primary browser because Chrome is a resource hog and this i9 MBP sounds like a 747 taking off when it starts using CPU but Chrome is a better browser feature wise - I plan on switching back to desktop (since this WFH shift it's just better) and I will 100% use Chrome even if Safari was an option (fan noise/CPU power/power consumption aren't a concern).

Does anyone know a way to get Safari to show a preview of the url when you hover over a link?

I tried to switch recently since it's supposed to waste less battery but two things I found were a bad experience after Chrome:

- no decent ad blocker? the one I saw recommended was Ad Guard but that seems to require you to have an Electron app running simultaneously (!) in order for it to block anything

- in Chrome when I hover over a link I see the url in the bottom left 'status' area... I had no idea how much I like this until it wasn't there in Safari... it feels really weird to click on a link and not know where it goes to

You can force click on the link if you have a trackpad that supports it. There are probably ways to simulate a force click even without such a trackpad. The same also applies to iOS: links can be previewed across many apps by long pressing.

KB here: https://support.apple.com/guide/safari/go-to-websites-ibrw10...

That shows the whole webpage. It looks like they just want to see the link in the lower left, which can be done, as others have said, by turning on the status bar from the View menu.
force trackpad press on the link to see a preview

Ad Guard for Safari does not require you to run the app to block ads. Just quit the app.

The hover thing might be some pref but Safari shows urls on mouseover.

When I quit the app the Ad Guard shield icon went back to "paused" so I assumed it needed to be running to work
View -> Show Status Bar
Ah great, that's it!

The other thing I miss with Safari I don't think there is a solution for... there's no version for Android, so I miss sharing history and passwords with the browser on my phone.

My fault for not buying all Apple devices I guess

- AdGuard has to run its app in the background, true, but it‘s very well behaved. - menu: View —-> ShowStatus Bar (command /)
(comment deleted)
(comment deleted)
1. dev tools 2. extensions
The PC equivalent is the 'reporter' process? App locker really comes in handy for such a thing. I used Chrome for so long but it was Firefox containers that finally forced me to switch and never look back.
You probably mean 'Windows equivalent'. Many people don't care, but it really is a bad habit to use 'Windows' and 'PC' ambivalently. Yes, Windows is the dominant OS for the PC, but there are others as well.
Just use Firefox

If you want to be sure your stuff works across browsers, test in safari

Don’t support or trust ad companies to deliver technology, their interests are always misaligned with the user

Safari is arguably the worst browser to do general tests in if you're not making iOS apps, as it has a history of rendering and behaving differently than any other browser.

The dev tools are also unusable compared to Chrome.

I think you misunderstood the GP's comment. They aren't advocating to work with Safari, but to work with Firefox then to test with Safari. If it works in Safari after being developed in Firefox, it's likely to work everywhere.
FWIW I haven't found that to be the case with something as simple as making an image autoresize.
Then you can keep a Chromium-based browser like Brave around for some additional testing, even if it's not your daily driver.
By "any other" you mean Chrome and Firefox?
A generation ago people used to say "as long as it works in IE6 then that's all you need, who cares about other browsers"

Now it's Chrome, but it's the same danger.

Any actual evidence of the performance impact? This seems thinly supported by evidence.
I think evidence of functional impact might be just as appropriate.

If removing keystone doesn’t harm the user, and may make the computer faster; why would anyone leave it at all?

Chrome is fine this is dramatic.
I'm gonna try this. Thank you.
Anyone who does: Please consider doing a video of the process and results, or some other proof.

It would be awesome to get traction on this, but there needs to be undeniable evidence first.

Found an old thread involving the Google Keystone tech lead:

https://news.ycombinator.com/item?id=21065504

This is why dates on articles is so important. I can’t tell if this website is newer or older than that response so I can’t tell if this is a problem today or was a problem that was resolved
The only clue this domain might be newer is he mentions the 16inch MacBook Pro which first came out in 2019.
Huh. Chromeisbad.com doesn't have an author credit, but the tweet implies it's by notable iOS developer Loren Brichter, creator of Tweetie, Letterpress, and inventor of pull-to-refresh.
Yeah, it felt weird to put my name on it, people usually do that when they have something to sell. Someone mentioned that it seems sketchy being anonymous so I'll probably sign it.

There's no upside for me either way.

Hopefully the upside has been learning to do a bit more investigation, provide a bit more evidence, before registering a domain for your theory and submitting to HN :)
I didn't submit it or write it for this crowd.
That is about a different bug involving Keystone :)
Chrome's security is, however, light years ahead of anyone else's; it remains the sole reason I still use it.

It's possible to use Little Snitch to deny Keystone/ksupdate all network access, which is what I do, which removes the Google RCE vulnerability it places on your machine.

Make sure to periodically manually update Chrome, however.

What evidence do you have to back up that claim?
In the security industry it's commonly known Chrome has the best security, this partly due to the amount of money Google invests in finding vulnerabilities (via fuzzing) in Chrome.

For "proof", you can check how much exploit vendors pay for exploits for each browser. For example Zerodium offer:

* $500k for Chrome RCE

* $100k for Safari RCE

* $100k for Firefox RCE

https://zerodium.com/program.html

The higher amount would generally indicate its harder to get an RCE in Chrome.

Or perhaps that Chrome exploits are more useful?

In fact, given Firefox's tiny market share (despite my efforts) I'm surprised the disparity isn't higher. Maybe it's harder to find Firefox exploits?

It's more likely that more popular browsers equally have more people attempting to crack them; and software in general is so buggy that results probably scale in proportion to the number of people looking.

Thats a valid point if we're referring to relatively unknown browsers. But the main three browsers are all high profile enough that they all have significant eyes on them and are thoroughly tested.

Firefox may have a small market share, but exploits for Firefox may even have more value to some entities/governments, due to its use in Tor Browser.

To clear any confusion, all three are extremely secure in comparison to other types of products (which is why exploits are so expensive), however Chrome just edges ahead, due to its sandboxing, and rapid patch cycle.

The higher amount would generally indicate its harder to get an RCE in Chrome

That does not follow at all. Chrome has the highest market share and so an exploit would have the greatest impact potential. More users affected => more economic value for an exploit.

Market share has a factor, but its not always the commanding factor.

Take a look at https://zerodium.com/program.html

Apache and Nginx have a very similar market share. Nginx has higher share in top 10k websites, Apache has slightly higher share overall.

Yet Apache has over double the price as nginx exploits:

* Apache RCE 500k

* Nginx RCE 200k

If they both have similar market share, then that variable has been isolated and the conclusion that the cheaper exploit is the less secure is sound. When that variable has not been isolated, it's not possible to conclude that the difference in price is due to security and not due to the exploit affecting more people.

"The amounts paid by ZERODIUM to researchers to acquire their original zero-day exploits depend on the popularity and security level of the affected software/system, as well as the quality of the submitted exploit (full or partial chain, supported versions/systems/architectures, reliability, bypassed exploit mitigations, default vs. non-default components, process continuation, etc)."

So, if chrome, with ~65% of the market share had the same payout as firefox at ~4% of the market share, it would be fair to conclude it's less secure. However, we see 5x the payout and 16x the market share. Doesn't seem conclusive.

I think chrome was the most secure in 2015, but a lot of updates in all browsers have shipped since then!

Also, if you include google in your threat model, then chrome was never that safe

> chrome's security is, however, light years ahead of anyone else's

give evidence to support your claim. I've been using Firefox for the past 10 years and I fail to see how it's insecure. I do see however, how it's not nearly as user-hostile as chrome.

I don't need to have a working exploit for Firefox to accurately state that it's easier to exploit Firefox than it is Chrome.

I encourage you to read writeups on the patched bugs for Chrome sometime.

All the metrics you've given are either subjective or inconclusive. I think the claim that firefox is less secure than chrome needs to be backed by a metric such as the number of critical issues and how long they took to be patched. Otherwise it sounds as mere speculation.
the linked 2009 wired article quotes adobe saying 'yeah we don't see the need to have an always-on updater process'

fast forward to 2020 when (1) adobe has this and (2) they still email me every so often to remind me to install their software which (3) I have installed and been using

I think life would be better if there were a 3rd-party update service that wasn't trying to also own marketing + distribution (i.e. take 15-30% of the sale and also maintain platform dominance). A tool that was 'just updates' so my other software doesn't get to install a rootkit.

Like homebrew maybe? ;-)
homebrew is non-commercial and updates on-run, rather than in the background, but frankly yes

if they had a commercial offering I think they have the brand trust to make this work

They have that trust because all the software installed by homebrew is open source.
Not necessarily all open source, homebrew-cask has been merged into brew and you have e.g. Jetbrains IDEs and Zoom available.

Personally I use homebrew-cask to manage almost all applications and their updates, turning auto-updating off in almost all apps. That way I am in control and can update when it is convenient, know if an update broke something, etc.

Edit, using:

- https://github.com/buo/homebrew-cask-upgrade

- https://github.com/Homebrew/homebrew-bundle

Situation: there are 14 companies installing rootkits.

14?! Ridiculous. We need a single company that's allowed to install rootkits.

Situation: there are 15 companies installing rootkits.

How about we just stop digging when we find ourselves in a hole?

(Ref https://xkcd.com/927)

yes I get it but none of the proprietary updaters are trying to be a standard or a 3rd-party tool
Apple should allow Firefox and Chrome into the Mac App Store as they are, and have the updating done from there. That’s the solution.
The Mac App Store is for well behaving apps haha. For some definition of well behaving, anyways. This compromise is actually great -- the MAS is available to those who want to live in a cozy little walled garden of perfection. Those who are willing to compromise on security in exchange for apps that have free run of the system are welcome to do that also.
The Mac App Store is really for scamware, it seems like…
This argument sounds eerily familiar, but I can't quite place it...
I know I can’t because the iOS App Store argument is “and you can’t have it any other way.” On macOS for as long as you can have it other ways I’m totally ok with it.
No, I was just being sarcastic because the double-standard mystifies me. I completely agree.
and Apple take 30% of transactions you make in Chrome and FF? Desktop is less of a walled garden than ios. i hope it stays that way.
They could make an exception, for the larger benefits to their platform. Custom updaters are helping no one, and it seems like the spark has left Sparkle (the last I looked, sparkle 1 was for an era long past, and sparkle 2 was still incomplete).

On an alternate timeline, Apple could have allowed software vendors to hook into the old software update application, and pull in updates through that mechanism, in addition to the first party updates.

Most of the GUI apps I use on macos update themselves using a framework like sparkle. Just uses an occasional (typically weekly) connection to check if an update is available and doesn’t need its own daemon.
This is the way. Windows is rife with these updater things. It's one of the first things I disable when I'm debugging a friend's Windows computer. I much prefer Mac and Linux because they (mostly) don't do such things, although I still have to keep a windows machine around for various reasons.
Exactly.

It's not just Google. Adobe or any other company installing always running updaters... is just wrong.

This is total nonsense.

Even for malware, hiding from Activity Monitor would be quite a feat. Short of an exploit, you couldn't hide your process without a kernel rootkit, but macOS has required user approval to load kernel extensions for several versions now. I suppose you could go the low-tech way and just name your process "WindowServer" to confuse the user, but you'd still end up with two WindowServers.

The idea that Chrome's auto-updater is doing this is ludicrous.

Chrome does have the capacity for screen sharing (e.g. Chrome Remote Desktop), but I assume it wouldn't inject any extensions into the window server unless it was actively invoked.
I remember quite well the Google update process being notorious for evading Little Snitch firewall rules. It popped up every intervall as if it were a new (unseen) process. There's definitely something going on with the app signature. (Haven't used Chrome for some time by now.)
I am curious why that happens. From some Googling it seems like the updater copies itself to a random directory each time it runs [1], and I guess Little Snitch classifies programs by their full path, so it sees it as a new program each time.

Copying itself is odd and probably suboptimal behavior, but it is explainable without assuming malice: my guess is that it’s related to some kind of “before we update let’s update the updater” bootstrapping logic. I could be wrong, but IIRC the updater code is open source, so it should be easy to find out.

[Edit: Oops, it's actually not open source. Their Windows updater (Omaha) is open source, but their Mac one (Keystone) is not. Of course, one can still open the binaries in a decompiler.]

Regardless, moving a program around on disk, or even deleting the program while it’s running (which is possible on macOS), would not prevent it from showing up in Activity Monitor.

[1] http://www.reecefowell.com/2012/11/16/ksfetch-annoyance-on-m...

> my guess is that it’s related to some kind of “before we update let’s update the updater” bootstrapping logic.

However, it happens (happened) specifically, if network access has been denied and there couldn't have been an upadate possibly received.

I think the observation is just out of date now. "Haven't used Chrome for some time by now." At present, Little Snitch does just fine at blocking GoogleSoftwareUpdate.
For those of you who are unaware, Comex is one of the most respected security researchers of all time and has done extensive research into Chrome and won Pwn2Own multiple times. He is completely correct, keystone is just Chrome's auto updater. The technical content of this article is super thin. This shouldn't be on the top of hacker news.
The blog post quality is lacking but the comments are interesting.
Oh the good old argument by authority.
The parent did not rely on authority; they posted actual substantive content. Read their comment history.

You can choose to flip off people's qualifications if you want.... but it doesn't make what they say wrong, no matter hooooooowwwww much you don't like it. :)

(comment deleted)
While it's indeed unlikely that there is deliberately hiding, there is a chance that the google updater triggers something in some (OS-level) components via some (implicit) IPC mechanism that causes load spikes in those components. You'd hardly see any load for the real culprit itself but those other connected components may run hot.

This user says their WindowServer runs hot. Some Chrome-related software may have entered a state where it accidentally DoS'es the WindowServer either due to a bug in google software or a bug in WindowServer that google software triggers, at least in the system configurations particular to this user.

True, that much is possible. But fairly unlikely, especially since Chrome's updater normally does not even pop up a GUI. We'd need stronger evidence than "I deleted some Google stuff and rebooted and now feels faster". I suppose the author did claim to have reproduced it on two computers, but only once each, and with no objective performance measurements. Sadly, there are a lot of things that can make macOS 'randomly' seem slower or faster, especially after rebooting, and with subjective measurements, confirmation bias is a huge factor.
Well, the author is blaming it on the updater kinda, but it could have been chrome itself or the updater might be trying to create a window for whatever purpose in a tight loop or do something else that somehow ends up eventually calling into the WindowServer. There are plenty of things that can go wrong.

I had my own run in with chrome recently where dwm.exe (Desktop Windows Manager on win10) would eat and eat memory until everything OOM'ed. Didn't use much CPU tho. I eventually tracked it down to a single chrome tab that had a specific website open. It's reproducible at least on my system but I haven't yet had the time to look into it more thoroughly. If I had to guess, it was the website making Chrome use some "hardware layers/surfaces" or something like that and cause the corresponding buffers in dwm to be retained forever. No idea if it's a chrome bug or a dwm bug or even some kind of driver bug, and just closing the tab was enough as a "quick fix".

WindowServer CPU before/after is as objective as I've got. I'm convinced there's a fire, but I can only show you the smoke: https://twitter.com/lorenb/timelines/1338892756752732169

For those that didn't measure, it's almost irrelevant — I'm telling you it's not a subtle difference. It's night-and-day.

It's very low on my list of plausible theories, but if there was a hypothetical keystone exploit, what is the latest on code-injecting WindowServer?

Also added an FAQ to the site: https://chromeisbad.com/#faq to address the low-hanging fruit of obvious objections to the possibility that Chrome/keystone is doing something to the system to cause it to thrash.

I may have got it wrong, but I interpreted the page to say only that Chrome and/or its updater made Window Server work hard, not that they're impersonating it.
Afaik you don't need to hide from the monitor to cause load by WindowServer while staying silent yourself. You just need to do graphics-intensive stuff. WindowServer then shows up as the manifestation of graphics being processed.

In fact, Un-googled Chromium (without the autoupdater) easily causes load that's displayed as WindowServer's, for me—when I open a Youtube video on my oldish Macbook with a shitty integrated video card. However there's little chance that I would think this to be caused by something else.

I’ve been having WindowServer problems for month taking almost 100% of cpu out of the blue. I never could find any solutions and believe me it’s really painful when working when my IDE becomes so slow if takes seconds for every keystroke. So far it seems to fix my problem and I have the same computer setups. I switched to Brave to get back the Dev Tools. I don’t have a day to take off to analyze the my system deeply without knowing where to start so in my case it’s a welcome fix
Is there anything like this going on on Linux? I don't really use it, but I have it in case I need to do dev testing.
Fortunatelly on Linux it's just using standard repositories.
Yes... except the Chrome package adds updating itself to your cron scripts without telling you. :/
And it can update itself without sudo?
Yes, since the cron script automatically runs as root on a repeating schedule.

If you want to see what it does:

    mkdir junk
    cd junk
    wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
    ar x google-chrome-stable_current_amd64.deb
    tar xf data.tar.xz
    cat opt/google/chrome/cron/google-chrome
It's not nefarious - it's well-documented and explained.

It's just making a decision for me that, as an administrator, I need to be the one deciding instead.

That is very bad. With this they can easily and covertly target an ip and deploy automatically a rooted version to infiltrate a specific computer.

That looks like crazy theory, but tell me what they will do if the nsa request it?

% ls /opt/google/chrome/cron/google-chrome

ls: cannot access '/opt/google/chrome/cron/google-chrome': No such file or directory

I used to be concerned about it. But so does Brave and other Chromium-based browsers. The script in `/etc/cron.daily/google-chrome` on Fedora ensures that the google chrome repository configuration file is correct, but it doesn't update Chrome itself. You still update Chrome manually with `dnf update`.
I find it maddening when articles presume a specific operating system without ever explicitly mentioning it. This is not limited to a Mac - happens with Windows and Linux articles as well.
The author should probably note that not updating Chrome is a very bad idea.

There's a good reason for automated updates on a web browser for the general public and there's a good reason why Chrome is the most secure browser on the market.

Using Chrome itself is very bad idea.

There is fundamental reason why internet standards should not be dictated by a data-collection/advertising company.

Try getting that across to the nerds who constantly whinge about Google.

The Internet was designed to share information, not to provide a medium for delivering proprietary applications.

Perhaps it should go back to its original goal, or people should be educated on other alternatives.

It could autoupdate when running/on launch though. No idea why Google litters my system with weird backgroundtasks, unless it's to get a few more datapoints on me..
Looks like this is just a Windows/OS 10 trojan. These sort of bullshit software issues usually come the the territory.
(comment deleted)
This is a Mac only problem. He was talking about Macs, not Windows.
The author went so far as to create a domain for this rant, and yet didn't even do any performance metrics or basic forensic analysis at all. I'm not saying the author is wrong, but there's a lot of questions here. How does Keystone hide itself from the Activity Monitor? Is there a Keystone process if you run `ps aux`? Did you run dtruss/strace? What is it doing when Chrome isn't running that causes it to degrade performance?
I'm quite impressed by that “chromeisbad” as a domain was not already taken.
Yeah. After reading your comment I tried out a couple of similar domains on the form x is bad and x is good and they were both parked waiting for someone to pay whatever ridiculous price the owner is wanting to demand to sell it. I wish it was illegal to do that.
If it weren't legal, then someone would simply use it for a trivial website and then sell it.

Perhaps that is the only reason this simple, trivial article exists.

With the amount of rebuttals in this thread, I'm impressed `chromeisgood.com` isn't taken.
right

besides, most probably would learn themselves the hard way when put in the same position the OP detailed

problems with Goo are widely known in circles of the Mac-communities ever since Goo-acc's first became avail in the beginning only by invitation, back then

also worth to look into the history of why, when and by whom LS aka LittleSnitch was developed in the first place -- tho this was more related to issues with that then must-go-to site 'versiontracker' [for all sorts of Mac shareware] and a vintaged firewall [3rd party] product widely used that time that didn't work as advertised

a Mac OS w/out LS these days ? back then very few only were concerned with 'calling-/phoning-home' issues on a scale nobody could imagine, least speak or post about in public, in those pre-iPhone ages

Here you have another one: ilovechrome.com :)
Possible correlation and hand waving equals causation.

I, too, was hoping for something, well, technical. Considering #1 on hacker news...

Does anyone else see the irony that hand waving is being disputed with hand waving?
No, there's a concept of "burden of proof" which applies here.
You don't get to stack "hand waving" indefinitely. The person who made the original claim is responsible for providing refutable evidence.
I was reading through the comments and hoping someone would know what keystone actually was and if there was any possibility of the claim in the article :) . I mean there's a lot of stuff in chrome other than this keystone thing, maybe it was one of those other things.
That this is so high right now is quite reflective of HN.

It's nearly an exact match of the meme like utterance often seen on reddit: "chrome bad".

There's been a massive influx of reddit-quality comments for quite a while. I guess it was only a matter of time before it was reflected in the submissions.
I think that in HN there is a high quality in the comments and a low quality in the voting of publications, because in the first, people refrain from commenting stupid things because it gets them harsh criticism, but in the second, people can vote for stupid (or low quality) publications because they will not be criticized.

And most of HN (and of social media, and the world in general) is dominated by dumb people.

So are you also going to point out that the vast majority of other top links are actually quite credible? It's easy to declare a whole site bad over one thing isn't it? Like the author in this article did under similar circumstances?
Hating Google is very fashionable on HN these days, I'm not surprised to see this so highly voted. I also wouldn't be surprised if most of the upvotes are based on the title/domain rather than the actual "content".
>Hating Google is very fashionable on HN these days

Well, why shouldn't it be?

Why shouldn't apple? For some reason apple gets a pass on HN for things like fighting to keep forced labor camps open [1]. Lets hate Google AND Apple.

1. https://9to5mac.com/2020/11/23/anti-forced-labour-bill-apple...

Seriously, why not? And why was wnevets getting downvoted?

The linked article references a source I’m sure most on HN would agree is reputable, to the extent it confirms their biases.

> A report in [The Washington Post](https://www.washingtonpost.com/technology/2020/11/20/apple-u...) claims that Apple is trying to weaken provisions in the bill.

> > Apple lobbyists are trying to weaken a bill aimed at preventing forced labor in China, according to two congressional staffers familiar with the matter, highlighting the clash between its business imperatives and its official stance on human rights.

(comment deleted)
Yeah, just bad reporting.

"Apple lobbyists are trying to weaken a bill aimed at preventing forced labor in China, according to two congressional staffers familiar with the matter, highlighting the clash between its business imperatives and its official stance on human rights."

1) The US legislators could not care less about "forced labor" in China (or even in the US for that matter, e.g. penal labor). Same way they don't care when it is their allies doing it (or worse things). It's all about the trade and dominance war with China.

2) Apple and the other companies involved don't care about forced labor either (if they could legally and without media repurcusion use it, they would). But they also don't need and don't seek forced labor. Good old capitalist low wage labor is good enough for them. So it's not like they try to defend China's forced labor because they benefit for it.

3) What Apple and the other companies have is multiple suppliers all over China, including that area. Most of them (if not all) have little or nothing to do with forced labor. But because the law aims to hurt China and not to stop forced labor, it doesn't care about little details, but uses blunt force and a wide net.

4) Understandingly (from a business/logistics perspective) Apple, Google, and co, can't just drop/replace suppliers at the drop of a hat. So they ask for more time for check, and a better look at which suppliers are actually problematic to be added to the bill. So "weaken the provisions" is actually "make the law more accurate and fairer", but they won't say that.

Then the mix of propaganda for foreign policy (as if those legislators care), hypocrisy, business interests (from Apple and co) and extremely bad reporting for clickbait and patriotic reasons, then turns into:

"Apple lobbies in favor of force labor".

It's as if some companies wanted to continue to use some useful drug medically, and e.g. tried to "weaken the provisions" of an strict anti-drug law that forbade it without nuance, and the headlines were like "Company X lobbies in favor of heroin".

I agree, this is a deal that should be between governments, this is just an attempt of the US government to push responsibility to companies rather than actually acting against the Chinese government to end these labor camps. Whether tariffs or whatever. Few companies have the ability to follow every link of the supply chain for corruption. Most small to mid size to just find a distributer and buy what they need, they don't have the ability or authority to send in a small army of auditers, that the CCP isn't going to allow anyway.
Or, you know, maybe the world isn’t black and white, and you could read the whole linked article to see why Apple might want to reasonably oppose certain provisions of the bill, instead of simply being “evil”, whatever that means:

> However, there is one potential explanation.

> In July, campaign groups called on Apple to err on the side of caution by ceasing using production facilities based in the Uyghur Region of China. The bill as it is currently written might make that the only way that US companies could ensure compliance.

> > One provision in the bill requires public companies to certify to the Securities and Exchange Commission that their products are not made using forced labor from Xinjiang. If companies are found to have used forced labor from the region, they could be prosecuted for securities violations.

> If Apple cannot easily avoid using downstream suppliers based in the region, it may be that it is trying to dilute the provision to something more along the lines of a requirement to conduct audits, investigate claims, and to take all reasonable steps to prevent the use of forced labor.

>Why shouldn't apple? For some reason apple gets a pass on HN

Or, you know, Apple gets the same or more kind of criticism, but since you are biased to agree with it, you are blind to it, and only see the praise/defenses.

>for things like fighting to keep forced labor camps open

That's probably because the framing of this by the media is BS, playing into the trade war objectives and narrative of the US foreign policy.

It's just that these companies have a lot of suppliers in those areas, unrelated with any "labor camps", whereas the US/law has put a wide canvas that includes a huge area and all kinds of inoffensive suppliers. Seeing that the companies can't just cut off their supply chain on the drop of a hat, they ask for extention period, better monitoring on which and if any of their particular suppliers might actually involve such labor, etc.

But that doesn't make for good headlines for the masses, or for good propaganda.

>Or, you know, Apple gets the same or more kind of criticism, but since you are biased to agree with it, you are blind to it, and only see the praise/defenses.

Do you honestly believe if this post was about apple or an apple product with the exact same lack of content, it would have gotten the same number of up votes as quickly as this one did?

In HN, where every third post is "Why I'm leaving Apple" or such? Yes.
I dont see any apple related post on the front page, let alone negative ones. Do you see a different front page than I do?
Yes, it's called "bias blind spot" :-)

Here's one in the front page, just a few days ago:

Falling Out of Love with Apple, Part 3: Content and Censorship (hardware.substack.com) 321 points by zherbert 7 days ago | flag | hide | 292 comments

https://news.ycombinator.com/front?day=2020-12-07

Wait, so we went from every third post on HN is a negative post about apple to here is one post from 7 days ago? Talk about "bias blind spot".
This law is untenable. For one thing outside of companies like Apple or Amazon who -might- be able to negotiate with the Chinese government on audits, middle to small businesses would have no possibility of that because they mean nothing to the CCP. This is a government to government thing, not a company thing and the bill doesn't make sense to make companies culpable for the entire supply chain. It's just punting responsibilities to companies who trade rather the US government whose job it is really to investigate such things. It's just a feel good law to blame corps rather than Congress Critters, which they've been trying to get rid of responsibilities for decades.
With Apple you get what you've paid for. With Google you pay for what you've got for "free".
Next on Hacker News -- Why your mom is a whore from this totally objective website yourmomisawhore.com
Another thing you can do: profile the process to find out what exactly it’s spending all that CPU time on. There are a few different ways to do this on macOS, including the GUI Instruments.app which comes with Xcode, and dtrace. But if you’re the sort who always has a terminal open, the quickest way is to just run

    sudo spindump
Also useful when a process is hung, even if it’s not taking up CPU time.

Sometimes the output isn’t useful due to a binary having been stripped of symbol names, but all macOS system libraries have symbols, so you can usually figure out something.

Speaking of the GUI Instruments.app. Is there a way to start a process from there, instead of attaching to an already running process? I used it the other day and could only figure out how to attach to an already running process with it.
Create a new profiling environment based on the template you're interested in, making sure "Choose a profiling template for:" is set to "Your Computer > All Processes." Next, in the top-left of the window, where it says "Your Computer > All Processes", click on All Processes. Select Choose Target... and navigate to your binary and hit Choose. Then hit the red circle to begin recording. This will launch a new instance of the specified binary and profile it.

This may not work for binaries that set PT_DENY_ATTACH, though.

Yes, it’s possible. In the menu with all the processes, pick the option “Choose Target”. It’s kind of an annoying UI, but it works.

Another option is to use `xcrun xctrace` to get a recording from the command line, which can then be opened in Instruments.

So users are expected to run debugger tools in order to figure out what some hidden program is doing?

Many years back I couldn't sleep and noticed my HDD's was working hard. I checked and it was google updater that was scanning everything...

I will never know why, they might be stealing IP (i was working on OCR at the time) or they just wanted to create a profile to serve better ads...

There is a GUI program as he said.

By definition, “hidden” programs are not gonna tell you what they are doing up front.

Yep lots of responsible software companies will tell you what software is doing if it goes outside the parameters of their software. Say if a program is scanning your computer for information when it's really only supposed to be a web browser.
How else do you expect to figure out what a program is doing? Should it make a pop up with a stack trace from time to time?
Maybe a notification of what it is doing. "We are using your computer for machine learning" or "Currently upgrading Chrome". Or some sort of documentation on what the program is supposed to do.
> So users are expected to run debugger tools in order to figure out what some hidden program is doing?

That's like saying "So we're expected to investigate and have a full trial before sending someone to jail?". If you just want to delete it, go ahead. If you want to go as far as creating a whole domain to blame Chrome, yes, you do need more than just "I deleted it and coincidentally my computer got fast".

> If you want to go as far as creating a whole domain to blame Chrome, yes, you do need more than just "I deleted it and coincidentally my computer got fast".

I think the fact that the site exists and is a pretty highly ranked story on HN probably proves that incorrect.

s/you do need more/you should need more/

Clearly if you read the thread, most people here aren't happy about this being at the top of HN, and it honestly reminds me of reddit where people just upvote things purely based on the headline, without even looking at the content. If anything this is just a sad day for HN.

> most people here aren't happy about this being at the top of HN

well the ones that comment, at least.

there might very well be a silent majority that is reading these threads with great joy.

like for instance the bit where someone lost it when they got reminded of the site guidelines and felt the need to list their "accomplishments" on HN

you don't get entertainment like that in normal threads.

You're welcome!

Of course your comment also violates the guidelines: "Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith." Reinforcing my claim that violation of the guidelines is the norm here rather than the exception.

My point was that authors of HN submissions are almost always treated with disrespect by HN commenters, and I was citing my repeated personal experience of having been such an author. (I believe the HN moderators are in denial and view the site through rose-colored/orange-colored glasses). I don't view having been #1 on HN to be an "accomplishment". I don't find it useful at all, because I run an independent business, yet being #1 on HN never increases my software sales at all, so it's pretty useless as far as I'm concerned. It just increases my server usage. I've sometimes considered (as I'm sure many people have) simply blocking Hacker News referers on my server. Could still happen...

In fact I finally created an account on HN simply to try to have some "control over the narrative" in HN comments about my own authored articles, because there are often some really dumb misunderstandings in the comments. Not sure it has been worth it though.

Technically, I "lost it" on HN about 3 weeks ago, when I got sick and tired of accurate information being downvoted. The only reason I'm still here now is that I have way too much free time on my hands due to the pandemic/social distancing.

> The author went so far as to create a domain for this rant

It's not a 'far' thing to purchase a domain anymore. Domains are cheap as chips, and have gotten cheaper now since the advent of novel generic TLDs where usually the first year is sold cheap but to roll it over into the next few years the price is hiked (which is why so many people now purchase a domain for a year only).

It is common now and expected to see single-serving-sites[0] that are just thinly veiled blogposts.

[0] https://en.wikipedia.org/wiki/Single-serving_site

A lot of blogging services integrate domains as well.

If you already have payment integrate, adding a domain to a blog is a few clicks - if even.

Because this sounded outlandish, I decided to have a look on my own system. Since the author didn't give any technical details, I grepped `~/Library` and `/Library` for files containing `keystone` in either name or contents. This yielded the following interesting candidates, along with similar entries for daemons etc:

  ~/Library/LaunchAgents/com.google.keystone.agent.plist  
  ~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/com.google.keystone.agent.plist
  
They all reference the same binary, `~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/GoogleSoftwareUpdateAgent.app/Contents/MacOS/GoogleSoftwareUpdateAgent`, and frankly are wholly uninteresting configuration files to integrate with launchd and other stuff.

Looking through a full system trace in Instruments didn't yield anything interesting either (outside of discovering that I forgot to shut down one of my virtual machines).

All in all, this sounds like hot air, and I can't help but wonder what the motivation behind making this page was.

> I can't help but wonder what the motivation behind making this page was.

Why would you immediately jump to assuming bad faith?

No grand conspiracy required... the author believes that Chrome is slowing down his Mac and decided to share it. The end.

I'm not really one for conspiracies, more so I fail to see where the evidence is that Chrome was somehow related to begin with. I do agree my wording could be better there, though.
Asking the question "wonder" is not really assuming bad faith is it? I don't see any intentional deception there.
The page says "I deleted Chrome, and all the files Keystone had littered on the computer, restarted, and it was so snappy it felt like a brand new computer. Yeah, I realize this sounds like a freakin' infomercial, but it worked so well I spent $5 on a domain name and set up this website even if it makes me sound like a raving nut."

To then "wonder what the motivation is" is to suggest that you don't believe this simple positive explanation, and imply there's something less simple, and more scheming.

Yeah, there was no super master plan here, just that after dealing with one sluggish computer for days (you name it, I tried it), and another one for 5 years... the fact that it turned out to be slow because of an app that wasn't even running was pretty frustrating.

Filing a bug report that would get "works on my machine"'d and then ignored and auto-closed by a bot in 5 years didn't quite feel worthy.

Auto-updating browsers are a good idea. Keystone is bad auto-updating software. It should probably get scrapped.

What's a good way to verify that I've removed Keystone completely? Google doesn't provide any sort of uninstaller or uninstall instructions.
try `mdfind keystone` in terminal
Well, for one, going as far as buying a domain for a single rant is a little bit suspicious. If at least it was a website dedicated to gathering issues with chrome, but a single issue with zero evidence or research. That's not generally how people "decide to share it".

Sure looks suspicious and not the content I expect to see on HN.

The author is the well-known Loren Brichter: https://twitter.com/lorenb/status/1337832978253230081

So there's unlikely to be a conspiracy, just a dude with too much money and self-importance.

Personal attacks are not ok here. Please don't respond to a comment that breaks the site guidelines by breaking them yourself. That just makes the thread even worse.

https://news.ycombinator.com/newsguidelines.html

This entire submission has been flagged, so it appears that Hacker News itself sees something seriously wrong with the author's web site.

Anyway, FWIW, I was defending the author from the charge of doing something suspicious.

> a dude with too much money and self-importance

Personal attacks are not ok on HN. Please don't post like that again, regardless of whom you're defending.

This is a serious, non-sarcastic response: honestly, sincerely, in my experience as a HN reader off and on for years, a commenter for 6 months, and occasional author of submitted articles (usually submitted by someone other than me) that have reached #1, violation of the HN guidelines is the norm on HN, and abiding by the guidelines is the exception.

I myself have been personally attacked on here, or been interpreted uncharitably, etc., countless times. Mostly with no moderators intervening. In general I have no objection to "policing" the comments, if it is done well, and consistently, but the problem with policing, not just on HN but in general, is the selective, arbitrary enforcement of rules.

Just looking at the current case, for example, why was my reply flagged, but the comment I replied to, which you also cited as violating the guidelines, was not flagged?

Moreover, IMO this whole submission seems to be a strange time to be pedantic about enforcing the guidelines. After all, the submission itself was flagged as very low quality, and many of the commenters were justifiably complaining about the low quality of the submission and wondering why it was #1. The author is deserving of some rebuke, especially for the "nefariously hides itself from Activity Monitor" bit, which is technically false, indeed impossible. The author should know better, being or having been a Mac software engineer himself.

In fairness, HN is no worse off than any other site that allows comments from the general public. HN wants to believe that its comments are higher quality than other sites, but the reality is that it's not really true, and it's hard to see how that will ever become true. Maybe it was true in the distant past when HN was less trafficked, I don't know.

It's amusing that my reply was downvoted, as if that even matters down in a 2 person thread of replies to a flagged comment in a flagged submission. (And I already have more "karma" than I'll ever need. Does anything above 500 matter?)

More proof that HN is as juvenile as any other site.

(I realize that talking about downvoting is against the guidelines. Which is a very convenient way of avoiding the undeniable fact that upvoting and downvoting behavior on HN is highly irrational.)

There are several points here—happy to respond.

> violation of the HN guidelines is the norm on HN

It happens much more than we'd prefer, but to say "the norm" is a huge exaggeration. I understand how it can feel like the norm—it's common enough to run into frequently, and painful experiences leave a stronger imprint than pleasant ones [1]. But these false feelings of generality are dangerous because they lead to an attitude of why-bother. Current toxin levels, though bad enough to produce symptoms, at least aren't fatal. Why-bother would kill the community if it spread.

> selective, arbitrary enforcement of rules

HN moderation is inconsistent in one way but consistent in another—call them strong and weak consistency. Strong consistency would be "every post that breaks the guidelines gets moderated in the same way". That would require moderators to read all the posts, and there are far too many for that to be feasible. Weak consistency would be "when a post does get moderated, the mods do it consistently and even-handedly". That's at least possible, and what we're shooting for. We don't get everything right but we're open to hearing about and fixing our mistakes.

If you see a post that ought to have been moderated but hasn't been, the likeliest explanation is that we didn't see it [2]. (You can help by flagging it or emailing us at hn@ycombinator.com.)

> why was my reply flagged, but the comment I replied to, which you also cited as violating the guidelines, was not flagged?

Users flagged one more than the other. Your post violated the guidelines worse, so I don't think that was unfair.

> this whole submission seems to be a strange time to be pedantic about enforcing the guidelines

That's not how moderation works. When users break the guidelines and we see it, we ask them not to. Keep in mind that we don't necessarily read the threads in order—sometimes we do, but other times we're looking in via more random-access views. The guidelines don't change relative to the submission, so I don't see why moderation should.

[1] https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor...

[2] https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor...

"Assume good faith."

"Please don't post insinuations about astroturfing, shilling, brigading, foreign agents and the like. It degrades discussion and is usually mistaken. If you're worried about abuse, email hn@ycombinator.com and we'll look at the data."

https://news.ycombinator.com/newsguidelines.html

It's not suspicious, its $5 which is not much to a lot of people in 1st world countries, especially those with at least enough curiosity/knowledge to be able to set one up if he/she has be frustrated a long time by a slow computer.
And domains are dirt cheap nowadays, so it’s not as if the author is out a lot of money.
Thank you for digging in to it on your machine. That level of forensics is exactly what we need in this issue.

Because there is a rich history of issues that only affect certain configurations, and those configurations are typically only revealed in hindsight: your results have to be seen as a single datapoint and not a nail in the coffin.

To others who are curious about this: please contribute more datapoints

Not sure about this Keystone, but the Chrome Software Reporter Tool keeps annoying me A LOT. It frequently causes high CPU load and at least the last time I checked I could not find a proper documentation on what it is or does.
Keystone is the hidden nefarious program that apple installs as its been clearly stated to convert intel into arm code lol
You are thinking of Rosetta.
To make an argument of this scale you have the burden of proof. There is no proof here past casual correlation.

An analogy I see here is the scene from an old film where a woman walks behind a wooden screen and a goose walks out thus the woman is a shape shifting witch.

>>To make an argument of this scale you have the burden of proof. There is no proof here past casual correlation.

And yet, as of this writing, it has 200+ upvotes and is at the top of the front page.

HN audience really needs to do better. If you are reading this and are one of the people who upvoted the story, please really ask yourself why.

Oh this is normal. People upvote the title, then comment, then read it if the comments aren’t agreeing with their preconception. Humans are a mess of a species.
Sounds like a design issue. Why does the front page have an upvote button if we expect people to read the post/article first?
Interesting point. Perhaps if you click through the upvote button shouldn’t appear until 5 minutes later?
Because some people check the linked article only and might never look at the comments.
There isn't a website on the planet that allows for votes where it doesn't very often happen that they provide a viewport into the boundless stupidity of the human species.

I wonder how H.N. and similar websites would work if ranking was purely a function of activity and not of votes — simply push to the top whichever branch of the tree has the last reply so highly debated news is statistically more often at the top, but whichever link had the last reply somewhere will be currently at the top.

Chrome lives in the causal consumer world.

Many of us believe, with some justice, the causalization of computers has been to the diminishment of power users.

Therefore chrome bad gets hundreds of upvotes. I guarantee you not everyone read the entire article, and then ran their own diagnostic CPU benchmarking to verify the results, and also compared it against chrome competitors.

It's more like the common folk like chrome, and chrome ruin PCS for us

I surely hope chrome lives in a causal world, a non-aristotelian world would be confusing. (Just me being an ass, I know you meant casual)
Hm. I figure I'll give it a try. I have stability/slowdown issues, but I don't attribute it to anything more than I'm a native software/device control developer, and often running dodgy, hacked-together tools. I generally have to do a "deep cleaning" of my system once a year or so.

I do often have a windowserver hang.

I don't really use Chrome much (just for testing, or the odd times that a site won't work on Safari). Not a big deal for me to rip it out.

If it were a tool that I use all the time, though, I might be more comfortable with a posting that had a bit more detail.

"Safari is good" haha ...
I've had noticeable issues with "WindowServer" in the past (taking 80% CPU usage and causing the fans to ramp up even when the system seemed like it should be idling even after a reboot) so I decided to give this a shot.

This is anecdotal but there is a noticeable difference for me with responsiveness after following these steps. Currently the WindowServer process is hovering around 14%.

Most likely the issue was resolved by the reboot, not by uninstalling Chrome. From my experience Mac OS tends to slow down after a few days. Animations and scrolling gets choppy and there's nothing I can do to fix it, short of rebooting.
> From my experience Mac OS tends to slow down after a few days

Just for the sake of the argument, do you have installed Chrome?

Yes. Just like Linux - in 1996.

Very sad.

(I have recently started using Apple tools for developping with Swift/Xcode on iPad. I am very unimpressed by the quality of the tools, and quite impressed by the range and depth of features....)

I can assure you that it wasn't related just to rebooting as this has been something that's been bugging me for months. I had previously rebooted earlier in the day because of this exact same issue (a runaway WindowServer process), before I saw this article. I also did a fresh reboot before following these instructions too as a sort of "control".

The change only happened for me after removing Chrome as well as the launch agent for keystone.

I use macOS daily for months at a time without rebooting and have not seen this problem on any of the 5 Macs I've been using for the past several years, for what that's worth. It does seem like it's something specific to your machine.
The question is: Chrome, or no Chrome? xD
Does your system have Chrome on it, because if it doesn't then you observations don't really apply since the conversation is centered around a bug possibly associated with that. Personally I don't allow chrome on my machines. I do install brave for those cases where I have to use "chrome" because some company simply doesn't design their web app for anything else otherwise it's firefox.
Do you happen to have an external USB mouse?
Hmm, can't there be some kind of malware hiding under the Keystone name?
The window to the internet should not be some monster that takes millions of developer hours and held ransom by a couple of big companies.

I should be able to build my own browser in a 3 month sabbatical.

> The window to the internet

This exact part of your comment is why big companies are fighting so hard to own and gatekeep web browsers.

> big companies are fighting so hard to own and gatekeep web browsers

could you expand on this? Which big companies are you referring to?

Apple, Microsoft, Mozilla, Google
Well, Microsoft gave up and are using Google's browser. And Mozilla just downsized the Firefox team (and they're paid by Google to keep Firefox going, basically). And Safari is only ever a presence on Apple computers, which Apple already control completely. It's not really a huge competition...
Microsoft Edge is not "Google's browser". It uses the Chromium rendering engine but it's still developed and distributed by Microsoft, which means they own the telemetry, the features, the defaults, and the user experience (which are the parts that matter, no one cares about the renderer from a business POV).

Google has Chrome, we've covered that already.

Apple has Safari.

Firefox exists, and is only funded by Google - in my opinion - to fend off anti-trust at this point.

Just because Google has more or less won the browser wars doesn't mean all those other companies wouldn't _love_ to regain market share in the future.

And perhaps they will. Owning that window is hugely valuable and lucrative, so why wouldn't they?

I agree completely that Firefox is only maintained as an anti-trust foil by Google.

When Google worked out that Microsoft owning the browser might cost them in the long run, they started working on Chrome.

I don't see anyone doing anything similar at the moment. Microsoft's adoption of Chrome is a tacit admission that they lost the browser wars and are not interested in continuing that fight. Apple isn't trying to get Safari adopted en masse on any other OS, it just seems to want to have a browser that it controls on its platform, which I guess makes sense. But it's not a play for "controlling the browser" - they don't even stop you from installing other browsers on their platform.

This just isn't an area anyone is fighting for any more. Building a standards-complient fully-featured browser is a huge project, but not so huge that a large corporate couldn't afford it. Persuading people to use it is a larger problem, but again, nothing that hasn't been done before and can't be done again. But no-one at this scale is even trying.

There are a few attempts from the other direction, dedicated companies like Brave trying to make this happen, and I hope they succeed.

> > The window to the internet

> This exact part of your comment is why big companies are fighting so hard to own and gatekeep web browsers.

Yes. And it goes even further, it's also why they're working hard to destroy the WWW, and have everybody silo-d into their app.

It's why on most social/media networks you can't really link to anything. Why they're dressing down the address bar so that people don't see (and learn about!) URLs any more. Or learn about their use, that they are one of the fundamental building blocks of what was the WWW.

Although there's more, they already burned some parts of the woods before attacking the WWW. Do you remember there was a time when almost all of the popular instant messaging protocols were supported in ONE (free, non-tracking, non-ad infested) app (and there was even a choice of such apps: Pidgin, Trillian, Miranda ..).

Some of them could even talk to each other. It's crazy to imagine, but ultimately even more crazy is that we don't have this any more!!

They won the instant messaging war, it was pretty silent in fact. Just wasn't as ingrained as the WWW used to be. They had to wean the users off slowly, which is exactly what they're doing right now.

The time is coming but not yet. If they could, they would completely do away with the browser and just have their own apps. All the browser represents to them is a liability; an opportunity to click away and leave their platform for another.

There’s more to the Internet than web pages. Web browsers don’t even get the most runtime on my machine.
Sure, I meant web pages.

Its frustrating to see replies discussing the definition of the internet.

The point I wanted to discuss is that there are not many choices for browsers and it takes a lot of effort to build one from scratch. Thus the competition is lacking.

The Internet is much bigger than the Interweb.
This must be how things like some alternative medicine and anti-vax start: Things like feeling healthy and your computer being slow can be very subjective.

The author appears to be technical enough to know that there is something called keystone on his computer, but not technical enough to benchmark and investigate further. The name keystone sounds kind of nefarious, so it makes sense that someone would be able to convince themselves that it makes their computer slower.

(comment deleted)
Well yeah, because "my kid has autism and his also got a vaccine so obviously that's the reason my kid got autism" is exactly how it gets started because they heard about that paper (or rumors thereof) that has been debunked a 1000 times over in the medical literature but now it's a part of folklore and almost impossible to kill like other superstitions.
A lot of skeptical comments in this thread.

I'm not low-level enough to confirm or deny the specific claims in the article.

I will say that my experience with regards to CPU performance "leaks" and Chrome seeming to always be running in the background even when I didn't want it to, as well as Chrome starting up on system startup when there didn't seem to be any references to it anywhere I'd expect to cause that, are consistent with the article.

I saw a lot of "low-level integration" with my system going on, a lot more than I understood, ever wanted or asked for, and there was no way I knew of to turn it off. It was like IE on Windows all over again.

I was also able to solve the issues by removing Chrome from my systems.

I sometimes install it temporarily to do Web testing and remove it shortly afterwards, but I think I'll do that in a VM from now on.

What is running in the background/on startup, Chrome itself or its updater? And is this on macOS or another platform?
This was on Mac OS X when it was still stylized that way.

Chrome itself would run on system startup.

I no longer use that system, and don't remember the details well enough.

Chrome can/does definitely run in the background if you have chrome Remote Desktop enabled. It wouldn’t surprise me if they had a daemon always running in case you want to enable Remote Desktop.
I just tested it. Setting up Chrome Remote Desktop requires installing a separate package which Chrome downloads for you. When it's enabled, there are indeed two always-running processes located under /Library/PrivilegedHelperTools/ChromeRemoteDesktopHost.app, which are apparently launched thanks to /Library/LaunchAgents/org.chromium.chromoting.plist. But those weren't running before I set up Remote Desktop; I imagine they were installed as part of the package and didn't exist before.

If I disable Remote Desktop again… well, it doesn't actually delete the LaunchAgents plist or ChromeRemoteDesktopHost.app. That's rude. But it does make the processes stop running.

(To be totally clear, Chrome's updater does run in the background, though not all the time.)

My experience is very different.

I have a standard install of chrome on big sur, as well as brave, and a bunch of electron apps. When I start up my mac none of these are running, there is no process with chrome or chromium in the name, and nothing in the process list that I can link back to chrome. When I launch some of the electron apps, chrome_crashpad_handler launches, which I assume is some kind of default electron behavior. When I close those apps, all chrome-related processes disappear from my process list. There is nothing untoward about chrome I can tell, nor is my system seeing any kind of recognizable slowdown, with or without chrome running. I also have chrome on very low-end macs, a 2009 mini with 8 GB ram and a 2014 air with 4 GB RAM, both running catalina. It runs fine on both, without seeming to cause particular performance issues. I just went through a reinstall of the 2009, and there was no performance difference before and after installing chrome.

I'm not saying yours or other people's bad experiences with chrome are not real, but I do wonder how it's possible that there are such very different experiences out there with what is ostensibly the same product. Maybe it's not just one cause: bad extensions, broken profiles, old installs with broken updaters (I had a broken microsoft updater causing havoc for a while), badly configured enterprise deployments, etc...